Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62ddc52a-8a4f-4ef2-95ec-dbf3a76be98d.roa
File: 62ddc52a-8a4f-4ef2-95ec-dbf3a76be98d.roa (raw, json)
Hash identifier: Y2HW/szc1Vxs/T020eMMk3XJSp/E9IvA1wFO27apwkI=
Subject key identifier: 3E:5F:06:06:AC:14:D7:4D:57:A4:5D:07:AD:04:95:0B:2F:5C:79:D3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 12702FF92258604850AC60EF775B025BE3B1B170
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62ddc52a-8a4f-4ef2-95ec-dbf3a76be98d.roa
Signing time: Mon 21 Apr 2025 18:30:34 +0000
ROA not before: Mon 21 Apr 2025 18:30:34 +0000
ROA not after: Mon 26 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:840::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:70:2f:f9:22:58:60:48:50:ac:60:ef:77:5b:02:5b:e3:b1:b1:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 21 18:30:34 2025 GMT
Not After : May 26 23:59:59 2025 GMT
Subject: serialNumber=2844525e63933a4aa5da45d31973bce994a7df365b66c7e232ab0fb39154ce82, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:5b:72:ac:10:72:fe:3d:17:66:81:e0:c5:e9:
bb:48:94:f4:97:37:be:f7:4b:13:e0:20:15:86:41:
56:56:72:cf:c3:d3:a1:bc:12:89:9e:dc:5a:50:38:
e7:67:ad:23:bd:7c:6f:30:25:bc:dd:82:1f:eb:1e:
f7:29:1b:8c:c9:58:fe:b7:04:24:14:27:5b:e4:63:
87:c5:5b:ba:68:42:31:6a:37:fe:32:49:9e:d2:7b:
c5:12:2a:43:45:6c:b6:53:e1:c9:5a:14:57:51:74:
38:ff:f1:eb:1f:99:21:10:71:ab:d0:c3:61:90:71:
49:93:ec:35:5b:2a:1a:17:02:1c:08:c0:1f:04:c5:
77:ff:00:c4:30:ee:9a:7c:7f:16:6c:60:93:30:8b:
84:33:e3:35:39:d3:50:49:ec:58:9a:6e:b4:94:1e:
dd:a1:92:57:5b:3d:94:28:02:03:35:be:5e:b9:b2:
11:34:76:8c:de:05:86:5c:b3:98:e0:19:14:8b:61:
95:5b:2a:fd:9f:50:d3:03:80:b1:5d:8d:8d:cd:c5:
c6:85:07:11:57:14:57:7a:7c:be:69:87:c9:3f:7c:
6f:fd:65:85:4a:4e:03:d9:95:35:1c:71:b4:85:0c:
d5:3c:09:94:8b:89:51:4e:7a:61:66:04:e0:31:28:
92:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:5F:06:06:AC:14:D7:4D:57:A4:5D:07:AD:04:95:0B:2F:5C:79:D3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62ddc52a-8a4f-4ef2-95ec-dbf3a76be98d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:840::/46
Signature Algorithm: sha256WithRSAEncryption
7b:9f:ab:23:27:00:1e:ab:13:e8:5b:3c:b0:31:7f:57:92:25:
21:e9:ab:d1:7b:1b:f0:ff:05:a1:19:b5:68:23:e8:bb:82:58:
d4:55:dc:ab:ab:b7:83:50:87:f8:de:52:95:9b:47:47:89:80:
0a:07:20:23:cf:27:41:d9:70:5f:2b:3b:b7:cb:bc:d5:28:4e:
fa:f9:e2:34:22:a1:28:84:69:87:e1:88:9e:10:8d:71:c0:ba:
7a:9f:3a:bd:28:71:b0:10:22:35:96:aa:85:e3:5e:7b:e5:94:
42:51:e3:3d:f4:72:e3:1b:f3:92:88:ba:0a:2a:f1:a9:87:d0:
64:21:fb:6a:fd:09:6f:df:ea:c6:2e:14:d5:dc:7e:dd:3c:8e:
e2:37:d4:66:1a:f7:20:f1:4f:25:4d:b3:6a:c3:e4:0a:db:70:
0b:1d:53:7f:75:b5:cf:d7:44:31:b9:27:4f:c4:b4:1e:ee:ba:
9d:d0:7d:ed:1d:11:4d:7e:bf:62:e4:b8:94:45:c2:54:d6:b8:
70:0d:55:7d:1a:a1:35:11:bd:32:35:f3:6a:07:ab:5a:da:34:
08:14:7f:62:6f:d7:5c:f7:c5:32:00:af:3a:b0:78:87:04:ae:
22:d1:1e:65:48:d9:1b:e1:82:2d:bf:39:7b:0c:63:b7:c2:07:
b4:c7:55:47
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEnAv+SJYYEhQrGDvd1sCW+OxsXAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjExODMwMzRaFw0yNTA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDI4NDQ1MjVlNjM5MzNhNGFhNWRhNDVkMzE5NzNiY2U5OTRhN2RmMzY1YjY2
YzdlMjMyYWIwZmIzOTE1NGNlODIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKtbcqwQcv49F2aB4MXpu0iU9Jc3vvdLE+AgFYZBVlZyz8PTobwSiZ7cWlA4
52etI718bzAlvN2CH+se9ykbjMlY/rcEJBQnW+Rjh8VbumhCMWo3/jJJntJ7xRIq
Q0VstlPhyVoUV1F0OP/x6x+ZIRBxq9DDYZBxSZPsNVsqGhcCHAjAHwTFd/8AxDDu
mnx/FmxgkzCLhDPjNTnTUEnsWJputJQe3aGSV1s9lCgCAzW+XrmyETR2jN4Fhlyz
mOAZFIthlVsq/Z9Q0wOAsV2Njc3FxoUHEVcUV3p8vmmHyT98b/1lhUpOA9mVNRxx
tIUM1TwJlIuJUU56YWYE4DEoktECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ+XwYG
rBTXTVekXQetBJULL1x50zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjJkZGM1MmEtOGE0Zi00ZWYyLTk1ZWMtZGJmM2E3NmJlOThkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DUI
QDANBgkqhkiG9w0BAQsFAAOCAQEAe5+rIycAHqsT6Fs8sDF/V5IlIemr0Xsb8P8F
oRm1aCPou4JY1FXcq6u3g1CH+N5SlZtHR4mACgcgI88nQdlwXys7t8u81ShO+vni
NCKhKIRph+GInhCNccC6ep86vShxsBAiNZaqheNee+WUQlHjPfRy4xvzkoi6Cirx
qYfQZCH7av0Jb9/qxi4U1dx+3TyO4jfUZhr3IPFPJU2zasPkCttwCx1Tf3W1z9dE
MbknT8S0Hu66ndB97R0RTX6/YuS4lEXCVNa4cA1VfRqhNRG9MjXzagerWto0CBR/
Ym/XXPfFMgCvOrB4hwSuItEeZUjZG+GCLb85ewxjt8IHtMdVRw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:19 2025 by rpki-client